Information Security Awareness, Training and Motivation — Native Intelligence, Inc.

Information Security Awareness and Privacy Training Programs

Provide better protection for assets by

  • Helping employees recognize and respond appropriately to real and potential security concerns.
  • Providing fresh, updated information to keep your staff current on new risks and what to do about them.
  • Making employees, contractors, and business partners aware that the data on their computers and mobile devices (PDAs, thumb drives, smart phones, etc.) are valuable and vulnerable.

Improve morale by

  • Providing information that is personally useful to your staff, such as how to avoid scams, fraud, phishing, and ID theft. Information on how to protect home PCs and how to use e-mail and the Internet safely lets employees know that your organization cares about them. Building good computing habits at home is as important as building those behaviors at work. Secure computing habits will transfer across environments.
  • Rewarding good security behaviors and those who stand up for security. Recognition for doing something well boosts morale.

Save money by

  • Reducing the number and extent of information security breaches. The sooner a breach is identified, the lower the cost of addressing it will be. Direct costs (e.g., cost to recover data lost or altered during an incident, cost to notify customers of breaches, fines for non-compliance) and indirect costs (e.g., lost customers, lost productivity, time spent investigating/resolving breaches and hoaxes) will decrease.
  • Reducing systems' costs by allowing control measures to be designed into systems rather than adding them to installed systems. (It is significantly more expensive to retrofit a control than to design it into an application or system.)
  • Providing savings through coordination and measurement of all security awareness, training, and educational activities while reducing duplication of efforts.

Give your organization a competitive advantage and protect and enhance your organization's reputation and brand by

  • Showing customers that your organization cares about protecting their information. Think of the good will that Johnson and Johnson received when management made a decision to protect customers by pulling Tylenol off the shelves when some packages were found to contain poison.
  • Preventing the negative press that can result from security breaches.

Protect customer information and corporate information by

  • Building a culture of security competence. Motivate employees, contractors, and consultants to improve their behaviors and incorporate security concerns into their decision making.

    Did you know?Malware writers are increasingly targeting corporate information.

Reduce the potential for fines and mandatory audits by

  • Improving overall compliance with your organization's information security policies, procedures, standards, and checklists.

    Did you know?If the FTC finds that a company did not sufficiently protect against a data breach, the FTC can require that company to undergo annual independent security audits for up to 20 years?

Reduce the potential for lawsuits against your organization by

  • Demonstrating a corporate concern for security and a process for ensuring that the workforce will provide adequate protection for information assets entrusted to its care.

Reduce C-level executives' exposure to prosecution by

  • Ensuring that they understand that they are legally responsible for the integrity of the organization's information assets.
  • Demonstrating management's commitment to secure information resources.
  • Allowing your organization to comply with regulations that require information security awareness and privacy training (such as the Federal Information Security Management Act, the Health Insurance Portability and Accountability Act, the Gramm-Leach-Bliley Act, the Sarbanes-Oxley Act)

Facilitate disciplinary or legal action against those who don't comply with information security rules by

  • Documenting the requirements and individual's acknowledgment of your organization's security policies.